* Probing counters without calling IPtables -L
@ 2004-03-05 14:51 mase hare
2004-03-05 19:01 ` Pablo Neira
0 siblings, 1 reply; 2+ messages in thread
From: mase hare @ 2004-03-05 14:51 UTC (permalink / raw)
To: netfilter-devel
Good day all NetFilter/IPtables developers!
I am a IPtables user, and I do like it very much.
Thats why I want to use IPtables with my development.
I want to develop my own C program to compilment
IPtables to do accounting on network traffic for me.
Now there is plenty of accounting programs available
on the web, but most uses scripts with the iptables -L -v
command to generate sumarry files.
I would like to build a stand-alone deamon to probe
only the specific rules' counters ( packets, bytes ),
thus no scripting, and no iptables -L -v.
I think this was possible with IPchaincs by looking in
a specific file in /proc/net/ip_*
---------------------------------
Now my question is:
Is there for IPtables also a file which one can cat
to read the counters from, in /proc/net/*?
And if not, what -in your opinions- would be the
best course for me to take
in getting these counters inside my C program
with their source and destination addresses.
---------------------------------
Thank You very much for the time and effort!
I do appriciate it truly.
Yours,
Mase Hare
__________________________________________________________________________
http://www.webmail.co.za/dialup Webmail ISP - Cool Connection, Cool Price
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: Probing counters without calling IPtables -L
2004-03-05 14:51 Probing counters without calling IPtables -L mase hare
@ 2004-03-05 19:01 ` Pablo Neira
0 siblings, 0 replies; 2+ messages in thread
From: Pablo Neira @ 2004-03-05 19:01 UTC (permalink / raw)
To: mase hare, netfilter-devel
Hi mase,
mase hare wrote:
>Good day all NetFilter/IPtables developers!
>
>I am a IPtables user, and I do like it very much.
>Thats why I want to use IPtables with my development.
>I want to develop my own C program to compilment
>IPtables to do accounting on network traffic for me.
>
>Now there is plenty of accounting programs available
>on the web, but most uses scripts with the iptables -L -v
>command to generate sumarry files.
>
>I would like to build a stand-alone deamon to probe
>only the specific rules' counters ( packets, bytes ),
>thus no scripting, and no iptables -L -v.
>
>I think this was possible with IPchaincs by looking in
>a specific file in /proc/net/ip_*
>
>---------------------------------
>Now my question is:
>Is there for IPtables also a file which one can cat
>to read the counters from, in /proc/net/*?
>And if not, what -in your opinions- would be the
>best course for me to take
>in getting these counters inside my C program
>with their source and destination addresses.
>---------------------------------
>
>
Anyway, if you are thinking about reading from /proc/net/* in short
period of time, you must take into account that this will decrease
considerably the performance. Harald pointed out a similar issue for
iptstate.
regards,
Pablo
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2004-03-05 19:01 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-03-05 14:51 Probing counters without calling IPtables -L mase hare
2004-03-05 19:01 ` Pablo Neira
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.